<?php
session_start();//验证登陆信息

include_once ("../../config.php");
include_once '../../connection.php';


//if($_POST['submit']){
	$username=$_POST['username'];
	$userpass=$_POST['userpass'];
    $userpass=md5($userpass);
	
	
	
//先判断接收的用户名，是否含有特殊字符。有的话，直接返回登陆框。
if(!preg_match("/^[0-9a-zA-Z]{3,12}$/",$username))
{
echo "<script language='javascript'>alert('用户名不存在！');location='/login';</script>";
}
			  
//开始判断用户信息
else
{

$user=select_one_line_all_items($table_Prefix."employee","wechat_openid= '".$_REQUEST['openid']."'");


//判断用户是否存在
if(count($user)==0)
{
	echo "<script language='javascript'>alert('用户名不存在！');location='/login';</script>";
}
//能找到用户信息
else
{
	if(($username==$user['mid'])&&($userpass==$user['mima'])&&($user['authority']=="是"))
	{
		$_SESSION['username']     = $admin_name[$i];
		$_SESSION['department']   = $admin_department[$i];
		$_SESSION['departmentid'] = $admin_departmentid[$i];
		$_SESSION['mid']          = $admin_mid[$i];
		$_SESSION['nid']          = $admin_nid[$i];
		$_SESSION['quanxian']     = $admin_quanxian[$i];
		$_SESSION['position']     = $admin_position[$i];
		$_SESSION['wechat_openid']     = $_REQUEST['openid'];

		//同时还应该要写入openid到表格
		echo "<script language='javascript'> location='../controlbase/';</script>";
	}
	else
	{
		echo "<script language='javascript'>alert('无登陆权限 或 密码错误！');location='/login/';</script>";
	}
}
}


	
	


?>
